Kubernetes Command 정리

ETCD

• etcdctl ls /registry
• etcdctl ls /registry/pods
• etcdctl ls /registry/pods/XXnamespace-nameXX
• etcdctl ls /registry/pods/XXnamespace-nameXX/XXpod-nameXX
• etcdctl get / --prefix -keys-only

Kube-Apiserver

• cat /etc/kubernetes/manifests/kube-apiserver.yaml -> config check

Controller-Manager

• cat /etc/kubernetes/manifests/kube-controller-manager.yaml -> config check

Scheduler

• cat /etc/kubernetes/manifests/kube-scheduler.yaml
• ps aux | grep kube-scheduler

Kubelet

• ps aux | grep kubelet

Kube-Proxy

• kubectl get pods -n kube-system
• kubectl get deamonset -n kube-system

Pod

• kubectl create -f XXXX.yaml
• kubectl get pods
kubectl get pods -A
kubectl get pods -o wide
kubectl get pods -n XXnamespace-nameXX
kubectl get pods -n kube-system
• kubectl get po XXpod-nameXX -o yaml
kubectl XXpod-nameXX po XXXX -o json
• kubectl logs XXpod-nameXX
kubectl logs XXpod-nameXX -c XXcontainer-nameXX
• kubectl run XXpod-nameXX --image=XXimage-nameXX
• kubectl describe pod XXpod-nameXX
• kubectl get po --show-labels
• kubectl get po -L XXlabel-nameXX -> to show certain label value
• kubectl label po XXlabel-nameXX=XXlabel-valueXX -> to create a label
• kubectl label po XXlabel-nameXX=XXlabel-valueXX --overwrite -> to change label value
• kubectl get po -l XXlabel-nameXX -> 해당 label을 가지고 있는 pod list
  kubectl get po -l '!XXlabel-name' -> 해당 label을 가지고 있지 않는 pod list
  kubectl get po -l create_method=manual -> 수동으로 생성한 pod list
  kubectl get po -l XXlabel-nameXX in (XXlabel-value1XX,XXlabel-value2XX) -> 해당 label의 value 값을 가지고 있는 pod list
  kubectl get po -l XXlabel-nameXX notin (XXlabel-value1XX,XXlabel-value2XX) -> 해당 label의 value 값을 가지고 있지 않는 pod list
• kubectl annotate pod XXpod-nameXX XXannotate-nameXX=XXannotate-valueXX
• kubectl delete pod XXpod-nameXX
kubectl delete po XXpod-nameXX
kubectl delete po -l XXlabel-nameXX=XXlabel-valueXX
kubectl delete po --all -> 현재 namespace의 pod 제거
  kubectl delete all --all -> 현재 namespace의 거의 모든 resource 제거
• kubectl exec XXpod-nameXX -- XXcommandXX -> 실행 중인 container에 명령어 실행
  kubectl exec XXpod-nameXX -- curl -s http://XX.XXX.XXX.XXX
• kubectl exec XXpod-nameXX env -> 해당 pod의 환경변수를 확인할 수 있음 (service ip, port 확인 가능)
• kubectl exec -it XXpod-nameXX -> 해당 pod의 container에 접속
  kubectl exec -it XXpod-nameXX -c XXcontainer-nameXX -- ls -lA
kubectl exec -it XXpod-nameXX bash
• kubectl port-forward XXpod-nameXX XXtargetportXX:XXportXX
• kubectl exec XXpod-nameXX env
• kubectl exec Xpod-nameX id

Namespace

• kubectl get namespaces
kubectl get ns
• kubectl create namespace XXnamespace-nameXX
kubectl run -f XXnamespace-manifest-fileXX.yaml
• kubectl create -f XXnamespace외의-manifest-fileXX.yaml -n XXnamespace-nameXX -> namespace 지정
• kubectl delete ns XXnamespace-nameXX

Replication Controller

• kubectl get rc
• kubectl describe rc XXreplication-controller-nameXX
• kubectl edit rc xxreplication-controller-nameXX
• kubectl scale rc XXreplication-controller-nameXX --replicas=XXreplica-controller-numberXX -> scale up or down
• kubectl delete rc XXreplication-controller-nameXX
kubectl delete rc XXreplication-controller-nameXX --casecade=false -> replication controller만 삭제
  kubectl delete rc --all
• kubectl rolling-update XXorigin-replication-controll-nameXX XXupdated-replication-controller-nameXX --image=XXimage-nameXX

Replica Set

• kubectl get rs
• kubectl describe rs XXreplica-set-nameXX
• kubectl delete rs XXreplica-set-nameXX

Deamon Set

• kubectl get ds

Job

• kubectl get jobs
• kubectl scale job XXjob-nameXX --replicas=XXjob-parallelsim numberXX

Service

• kubectl get srv XXservice-nameXX
• kubectl get endpoint XXservice-nameXX

Ingress

• kubectl get ingresses

Persistent Volume

• kubectl get pv

Persistent Volume Claims

• kubectl get pvc

Storage Class

• kubectl get sc

Configmap

• kubectl get configmap
• kubectl describe configmap XXconfigmap-nameXX
kubectl get configmap XXconfigmap-nameXX -o yaml
• kubectl create configmap XXconfigmap-nameXX --from-literal=XXkeyXX=XXvalueXX
• kubectl create configmap XXconfigmap-nameXX --from-file=XXfile-nameXX
• kubectl delete configmap XXconfigmap-nameXX
• kubectl edit configmap XXconfigmap-nameXX

Secrete

• kubectl get secretes
• kubectl describe secrete XXsecrete-nameXX
• kubectl create secrete tls XXsecrete-nameXX --cert=XXcert-file-nameXX --key=XXkey-file-namexx
• kubectl create secrete XXsecrete-typeXX XXsecrete-nameXX --from-file=XXfile-nameXX

Deployment

• kubectl rollout status deployment XXdeployment-nameXX -> 해당 deployment 업데이트 진행 사항 확인
• kubectl patch deployment XXdeployment-nameXX -p 'XXresource-definitionXX'
• kubectl set image deployment XXdeployment-nameXX XXcontainer-nameXX=XXimage-namexX
• kubectl edit deployment XXdeployment-nameXX
• kubectl rollout undo delployment XXdeployment-nameXX -> 해당 deployment rollback
  kubectl rollout undo deployment XXdeployment-nameXX --to-revision=XXnumberXX
• kubectl rollout history deployment XXdeployment-nameXX
  -> deployment를 생성할 때, --record 옵션을 명시해야 볼 수 있음
• kubectl create -f XXdeployment-manifest-file-nameXX --record
• kubectl rollout pause deployment XXdeployment-nameXX
• kubectl rollout resume deployment XXdeployment-nameXX

ETCD

• etcdctl ls /registry -> kubernetes의 모든 manifest data가 저장되어 있는 directory

Service Account

• kubectl get serviceaccounts
• kubectl create serviceaccount XXservice-account-nameXX
• kubectl describe sa XXservice-account-nameXX

RBAC

• kubectl create role XXrole-nameXX --verb=XXrole-nameXX
• kubectl create rolebinding XXrolebinding-nameXX --role=XXrole-nameXX --servieceaccount=XXservice-account-nameXX -n XXnamespace-nameXX
• kubectl edit rolebinding XXrolebinding-nameXX -n XXnamespace-nameXX
• kubectl create clusterrole XXcluster-role-nameXX --verb=XXrole-nameXX --resource=XXresoure-nameXX
• kubectl create clusterrolebinding XXcluserrolebinding-nameXX --clusterrole=XXclusterrole-nameXX --serviceaccount=XXnamespaceXX:XXpod-nameXX
• kubectl get clusterroles
• kubectl get clusterrolebindings

Taint & Tolerate

• kubectl taint node XXnode-nameXX node-type=XXtaint-valueXX:XXtaint-affectXX

기타

• alias k=kubectl
• alias kcd='kubectl config set-context $(kubectl config current-context) --namespace' -> kcd XXnamespace-nameXX 으로 쉽게 전환 가능
• --watch -> command option
  ex) kubectl get pods --watch kubectl get services --watch
• curl XXip-addressXX:XXportXX
• kubectl cluster-info | grep dashboard
• gcloud container clusters describe kubia | grep -E "(username|password):"
• gcloud compute firewall-rules create XXfirewall-rule-nameXX --allow=tcp:XXport-numberXX -> firewall rule 허용
• kubectl cluster-info
• kubectl proxy
• kubectl create -f XXmanifest-file-nameXX --record
• kubectl replace -f XXmanifest-file-nameXX
• kubectl get componentstatuses -> control plane의 구성 요소 확인
• kubectl get events --watch -> controller가 발생한 event 관찰
• kubectl delete clusterrolebinding permissive-binding -> RBAC 활성화시키는 명령어
• kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=XXuser-addressXX -> cluster 관리자 권한 부여